
CVSS: 7.5 | EPSS: 0% | CPEs: 1 | EXPL: 1

An issue in MatrixSSL 4.5.1-open and earlier leads to failure to securely check the SessionID field, resulting in the misuse of an all-zero MasterSecret that can decrypt secret data.

• https://github.com/SmallTown123/details-for-CVE-2022-46505
• https://smalltown123.notion.site/MatrixSSL-session-resume-bug-a0
• CWE-665: Improper Initialization

CVSS: 7.5 | EPSS: 0% | CPEs: 1 | EXPL: 1

In MatrixSSL before 4.2.2 Open, the DTLS server can encounter an invalid pointer free (leading to memory corruption and a daemon crash) via a crafted incoming network message, a different vulnerability than CVE-2019-14431.

• https://github.com/matrixssl/matrixssl/blob/4-2-2-open/doc/CHANGES_v4.x.md
• https://github.com/matrixssl/matrixssl/issues/33
• https://github.com/matrixssl/matrixssl/releases/tag/4-2-2-open
• CWE-787: Out-of-bounds Write

CVSS: 5.9 | EPSS: 0% | CPEs: 1 | EXPL: 0

MatrixSSL 4.2.1 and earlier contains a timing side channel in ECDSA signature generation. This allows a local or a remote attacker, able to measure the duration of hundreds to thousands of signing operations, to compute the private key used. The issue occurs because crypto/pubkey/ecc_math.c scalar multiplication leaks the bit length of the scalar.

• http://www.openwall.com/lists/oss-security/2019/10/02/2
• https://eprint.iacr.org/2011/232.pdf
• https://minerva.crocs.fi.muni.cz
• https://tches.iacr.org/index.php/TCHES/article/view/7337
• CWE-203: Observable Discrepancy
• CWE-327: Use of a Broken or Risky Cryptographic Algorithm

CVSS: 9.8 | EPSS: 0% | CPEs: 1 | EXPL: 0

MatrixSSL before 4.2.1 has an out-of-bounds read during ASN.1 handling.

• https://github.com/matrixssl/matrixssl/blob/4-2-1-open/doc/CHANGES_v4.x.md#changes-between-420-and-421-june-2019
• CWE-125: Out-of-bounds Read

CVSS: 9.8 | EPSS: 0% | CPEs: 1 | EXPL: 0

pubRsaDecryptSignedElementExt in MatrixSSL 4.0.1 Open, as used in Inside Secure TLS Toolkit, has a stack-based buffer overflow during X.509 certificate verification because of missing validation in psRsaDecryptPubExt in crypto/pubkey/rsa_pub.c.

• https://bugs.chromium.org/p/project-zero/issues/detail?id=1785
• https://github.com/matrixssl/matrixssl/issues/26
• https://github.com/matrixssl/matrixssl/releases/tag/4-0-2-open
• https://www.openwall.com/lists/oss-security/2019/02/15/1
• CWE-295: Improper Certificate Validation
• CWE-787: Out-of-bounds Write